config BR2_PACKAGE_NGINX_NAXSI
	bool "nginx-naxsi"
	# uses pcre, so nginx needs to be built with pcre support
	select BR2_PACKAGE_PCRE
	help
	  NAXSI means Nginx Anti XSS & SQL Injection.

	  Technically, it is a third party nginx module, available as
	  a package for many UNIX-like platforms. This module, by
	  default, reads a small subset of simple (and readable) rules
	  containing 99% of known patterns involved in website
	  vulnerabilities. For example, <, | or drop are not supposed
	  to be part of a URI.

	  Being very simple, those patterns may match legitimate
	  queries, it is the Naxsi's administrator duty to add
	  specific rules that will whitelist legitimate
	  behaviours. The administrator can either add whitelists
	  manually by analyzing nginx's error log, or (recommended)
	  start the project with an intensive auto-learning phase that
	  will automatically generate whitelisting rules regarding a
	  website's behaviour.

	  In short, Naxsi behaves like a DROP-by-default firewall, the
	  only task is to add required ACCEPT rules for the target
	  website to work properly.

	  https://github.com/nbs-system/naxsi
